HireCentrix News - News Articles

A former IT staffer has pleaded guilty to using a secret vSphere console to wipe company servers

NEWARK, N.J. – A Georgia man who allegedly froze the operations of a New Jersey pharmaceutical company where he had worked by deleting portions of its computer network has been federally charged in connection with the alleged attack, U.S. Attorney Paul J. Fishman announced.

Jason Cornish, 37, of Smyrna, Ga., was arrested this morning near his residence by special agents of the FBI on a Complaint charging him with knowingly transmitting computer code with the intent to damage computers in interstate commerce. He is expected to make an initial appearance this afternoon before US. Magistrate Judge Janet F. King in Atlanta federal court.

“The computers on which companies do business are the engines of the 21st century economy,” U.S. Attorney Fishman stated. “Malicious intrusions are against the law, regardless of motive. Hacking attacks devised as personal revenge can have serious repercussions for perpetrators as well as victims.”

“As the general public is becoming increasingly aware, the impact of cyber intrusions can be substantial, whether it occurs at home, a commercial institution, or with critical national infrastructure,” said Newark FBI Special Agent in Charge Michael B. Ward. “In this instance, Jason Cornish allegedly was able to inflict great damage to Shionogi, Inc., with the stroke of a few computer keys. Unfortunately, given his choice to misuse his considerable cyber skills, his actions now have him facing a potential decade-long prison sentence and untold financial repercussions.”

According to the Complaint unsealed today:

Cornish was an information technology employee at Shionogi, Inc., a United States subsidiary of a Japanese pharmaceutical company with operations in New Jersey and Georgia.
In late September 2010, shortly after Cornish had resigned from Shionogi, the company announced layoffs that would affect B.N., Cornish’s close friend and former supervisor.

In the early morning hours of February 3, 2011, Cornish gained unauthorized access to Shionogi’s computer network. Cornish used a Shionogi user account to access a Shionogi server. Once he accessed the server, Cornish took control of a piece of software that he had secretly installed on the server several weeks earlier.

Cornish then used the secretly installed software program to delete the contents of each of 15 “virtual hosts” on Shionogi’s computer network. These 15 virtual hosts (subdivisions on a computer designed to make it function like several computers) housed the equivalent of 88 different computer servers. Cornish used his familiarity with Shionogi’s network to identify each of these virtual hosts by name or by its corresponding Internet Protocol address.

The deleted servers housed most of Shionogi’s American computer infrastructure, including the company’s e-mail and Blackberry servers, its order tracking system, and its financial management software. The attack effectively froze Shionogi’s operations for a number of days, leaving company employees unable to ship product, cut checks, or communicate by email. Shionogi sustained at least $300,000 in losses responding to the attack, conducting damage assessments, and restoring the company’s network to its prior condition.

The FBI’s investigation revealed that the attack originated from a computer connected to the wireless network of a Smyrna McDonald’s where Cornish had used his credit card to make a purchase minutes before the attack. Cornish also gained unauthorized access to Shionogi’s network from his home Internet connection using administrative passwords to which he had access as an employee.

The count with which Cornish is charged carries a maximum potential penalty of
10 years in prison and a $250,000 fine.

U.S. Attorney Fishman thanked special agents of Newark FBI’s Cyber Crimes Task Force, under the direction of Special Agent in Charge Michael B. Ward; and in Atlanta, under the direction of Special Agent in Charge Brian D. Lamkin, with the investigation leading to this morning’s arrest. Mr. Fishman added that the investigation is continuing.

The government is represented by Assistant U.S. Attorney Seth B. Kosto of the U.S. Attorney’s Office Computer Hacking and Intellectual Property Section in the Office’s Economic Crimes Unit in Newark.

The charges and allegations contained in the Complaint are merely accusations, and the
defendant is considered innocent unless and until proven guilty.

11-261                                                                                        ###

Defense counsel: Richard V. Merritt Esq., Smyrna, Ga.

Cornish, Jason Complaint

##

Comments: